Is there a public PoC exploit available for EUVD-2026-25657?

Yes, a public proof-of-concept exploit is available for EUVD-2026-25657. Prioritise patching immediately. EPSS: 0.0%.

AiraHub2 EUVD-2026-25657

Q: What is the CVSS score of EUVD-2026-25657?

EUVD-2026-25657 has a CVSS 4.0 base score of 2.1 (Low). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

| CVE-2026-6981 LOW

Server-Side Request Forgery (SSRF) (CWE-918)

2026-04-25 VulDB

SSRF Airahub2

2.1

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

2.1 LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Severity Changed

Apr 29, 2026 - 01:12 NVD

MEDIUM LOW

CVSS changed

Apr 29, 2026 - 01:12 NVD

5.3 (MEDIUM) 2.1 (LOW)

PoC Detected

Apr 29, 2026 - 01:00 vuln.today

Public exploit code

CVSS changed

Apr 25, 2026 - 15:22 NVD

6.3 (MEDIUM) 5.3 (MEDIUM)

Analysis Generated

Apr 25, 2026 - 15:00 vuln.today

EUVD ID Assigned

Apr 25, 2026 - 14:30 euvd

EUVD-2026-25657

Analysis Generated

Apr 25, 2026 - 14:30 vuln.today

CVE Published

Apr 25, 2026 - 14:15 nvd

LOW 2.1

DescriptionCVE.org

A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to 3e4b77fd7d48ed811ffe5b8d222068c17c76495e. Affected is the function connect_stream_endpoint/sync_agents of the file AiraHub.py of the component Endpoint. Performing a manipulation results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. Multiple endpoints are affected. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Server-side request forgery (SSRF) in AiraHub2 allows authenticated remote attackers to manipulate the connect_stream_endpoint and sync_agents functions in AiraHub.py, enabling arbitrary HTTP requests to internal or external systems. The vulnerability affects multiple endpoints and has publicly available exploit code; however, the vendor has not responded to disclosure attempts and uses a rolling release model, making patch status unclear.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Authenticate to AiraHub2

Delivery

Access connect_stream_endpoint or sync_agents function

Exploit

Provide malicious URL parameter

Execution

Server makes request to attacker-specified endpoint

Impact

Attacker exfiltrates internal data or modifies backend state